If you ever connected something to the public internet you might have noticed that within seconds people are knocking on your ports. To avoid people bruteforcing them self into your server you can setup Fail2Ban. Fail2Ban watches logfiles for incorrect logins and automatically bans IP’s.
sudo apt update && sudo apt upgrade
sudo apt install fail2ban
Make sure you copy the default Fail2Ban configuration file to jail.local. Never edit the file jail.conf.
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo vim /etc/fail2ban/jail.local
You can configure Fail2Ban to exclude some IPs. You might want to add your own external IP here. Fail2Ban uses CIDR notations.
ignoreip = 127.0.0.1/8 an.ip.address.here another.goes.here.yeah one.for.another.person
You can configure Fail2Ban how long IPs are banned. IF you excluded your own external IP i’d recommend setting up permanent bans.
use bantime = -1 for permanent bans, otherwise use bantime = 21600
Restart Fail2Ban with the command: sudo service fail2ban restart